SpringbootCMS 1.0 foreground message can be embedded malicious code saved in the database. When users browse the comments, these malicious codes embedded in the HTML will be executed, and the user's browser will be controlled by the attacker, so as to achieve the special purpose of the attacker, such as cookie theft
History

Tue, 24 Sep 2024 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-09-27T00:00:00

Updated: 2024-09-24T13:15:27.811Z

Reserved: 2023-09-18T00:00:00

Link: CVE-2023-43191

cve-icon Vulnrichment

Updated: 2024-08-02T19:37:23.375Z

cve-icon NVD

Status : Analyzed

Published: 2023-09-27T23:15:11.960

Modified: 2023-10-26T20:10:03.743

Link: CVE-2023-43191

cve-icon Redhat

No data.